SEC Releases Strict New Guidelines Requiring Expanded Public Company Disclosure of Year 2000 Issues

With respect to the first criterion, a company cannot conclude that its assessment is complete until it has taken "reasonable steps" to assess the Y2K readiness of third parties with whom a company has "material relationships." These include vendors and suppliers and "significant customers." The SEC also states that a company should consider its potential liability to third parties if its systems are not Year 2000 compliant, resulting in possible legal actions for breach of contract or other harm. The SEC specifically mentions the use of third party questionnaires as a means of assessing third party readiness.

With respect to the second criterion, companies must assume they will not be Year 2000 ready in time and must assume that material third parties will not be ready either, unless these third parties have provided "written assurances" that they expect to be Year 2000 ready in time.

The SEC states that "a large majority of companies will meet one or both of these tests and therefore will be required to provide Year 2000 disclosure" and expects that under the new guidelines significantly more companies will be providing Year 2000 disclosure than in the past. This is clearly an understatement. The SEC's new criteria, if applied, virtually guarantee that every company will be required to make a Y2K disclosure.

Expanded Requirements for Contents of Year 2000 Disclosure

The Company's State of Readiness
This requirement addresses what the SEC calls "the important questions – such as 'will we be ready?' and 'how far along are we?'" with respect both to information technology ("IT") and non-IT systems (including embedded technology such as microcontrollers). The company should disclose what "phase" it is in according to commonly accepted approaches to achieving Y2K readiness (e.g. awareness, assessment, renovation, validation, and implementation) and should set forth the estimated timetable for completion of each remaining phase. It should also describe Year 2000 issues relating to material third parties.

The Costs to Address the Company's Year 2000 Issues
This requirement includes costs directly related to fixing Year 2000 issues, such as modifying software and hiring Year 2000 solution providers and the replacement cost of non-compliant IT systems. The SEC suggests that historical and estimated costs related to a company's Year 2000 issues be disclosed even where the amounts are not material, that on a quarterly basis the company disclose how much of the total estimated Year 2000 project costs have already been incurred, and that the company identify the source of funds for Year 2000 costs, including the percentage of the IT budget used for remediation. The company should state whether other IT projects have been deferred due to the Year 2000 efforts, and describe the effects of this delay on financial condition and results of operations. Possible losses from asserted and unasserted claims of breach of contract or warranty due to Year 2000 noncompliance must be disclosed in notes to the financial statements, and must be recognized as a liability if those losses are probable and reasonably estimable.

The Risks of a Company's Year 2000 Issues
This requirement includes the "most reasonably likely worst case Year 2000 scenarios." A company must explain any risk or uncertainty of a "reasonably possible change in its estimates" of warranty liability, reserves for product returns and allowances, capitalized software costs, inventory, litigation, and deferred revenue. The SEC comments that software and hardware manufacturers "may face potentially greater litigation risks than companies in other industries" and that companies in regulated industries, such as financial institutions, may face formal supervisory or enforcement actions relating to Year 2000 issues that need to be disclosed. Companies should consider the need to disclose the potential for acceleration of debt payments due to covenant defaults tied to Year 2000 readiness.

The Company's Contingency Plans
A contingency plan should answer the important question – "what will the company do if it is not ready?" If a company does not have a contingency plan, it should disclose that fact and state whether it intends to create one and the timetable for doing so.

For more information about Year 2000 legal issues, visit our Year 2000 area.

Effective August 4, 1998, the Securities and Exchange Commission issued Release No. 33-7558, "Statement of the Commission Regarding Disclosure of Year 2000 Issues and Consequences by Public Companies, Investment Advisers, Investment Companies, and Municipal Securities Issuers." The release establishes a strict new test that will require regular Y2K disclosure by virtually every public company, and significantly expands upon the required content of that disclosure.

The lead article in this issue is an executive summary of these important new requirements which should be understood by the management of every public company.

SUMMARY OF KEY POINTS
Virtually every public company must include regular Y2K discussion in its 10-Qs and 10-Ks.

An extraordinary amount of detail is now required describing the company's stage of readiness, known or estimated costs, risks and contingency plans.

The risk disclosure must include "worst case scenarios." Each company is required to assess not only its own readiness, but also that of material third parties, such as vendors and even customers.

Generic or "boilerplate"disclosures are specifically stated to be inadequate.

WHEN DO THE NEW GUIDELINES BECOME EFFECTIVE?
Here is what the SEC says: "Public companies should apply this interpretive guidance immediately after August 4, 1998. Companies with June 30th or July 31st fiscal year-ends need to follow this guidance when they file their annual reports. Companies with quarter-ends after the effective date of this release also need to follow this guidance. We encourage companies with quarters that end on June 30th or July 31st to consider this guidance in their quarterly reports."

UNPRECEDENTED LETTER TO PUBLIC COMPANIES FROM SEC CHAIRMAIN UNDERSCORES EMPHASIS ON Y2K
In early August, executives at more than 9,000 publicly-traded companies were sent letters from the Chairman of the Securities and Exchange Commission directing their attention to the new guidelines and asking them to focus their attention on the disclosure of their company's Year 2000 readiness.

SEC WARNS AGAINST "BOILERPLATE" DISCLOSURES
The release repeatedly cautions public companies against using "generic"or "boilerplate" disclosures. In a recent open meeting to discuss the SEC's plans to issue the interpretive release, the SEC provided the following example of such "boilerplate:"